
HIPAA/HITECH Compliance Assurance

A Covered Entity (CE) or Business Associate (BA) is legally required to comply with the federal HIPAA/HITECH security, privacy, and breach rules and standards to protect individuals’ electronic Protected Health Information. A2LA’s accredited process and databrackets’ certified privacy and security professionals can help your organization meet the HIPAA/HITECH compliance assurance requirement in the most efficient and cost-effective way.

How It Works

Why Does HIPAA/HITECH Compliance Matter?

A Covered Entity (CE) or Business Associate (BA) is legally required to comply with the federal HIPAA/HITECH security, privacy, and breach rules and standards to protect individuals’ electronic Protected Health Information (ePHI) that is created, received, used, or maintained. The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information. It applies to health plans, healthcare clearinghouses, business associates, and those health care providers that conduct certain health care transactions electronically. The Security Rule requires appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. The Breach Notification Rule covers the breach notification procedures introduced by the HITECH Act for unsecured protected health information.

Key HIPAA/HITECH Regulations

The HIPAA Security Rule

Establishes national standards to protect individuals’ electronic personal health information (ePHI) that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of ePHI.

The HIPAA Privacy Rule

Requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records and to request corrections.

Breach Notification Rule

The Breach Notification Rule, 45 CFR §§ 164.400-414, requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information, pursuant to section 13407 of the HITECH Act.

HIPAA Enforcement

HHS’ Office for Civil Rights is responsible for enforcing the Privacy and Security Rules.

Full text is located at 45 CFR Part 160 and Subparts A and C of Part 164.

Our deliverables include, but are not limited to

Our Process
